Summary: Prevent deletion of wrong iptables rules

Detail: A grep in security_group.py wasn't defined well enough, could potentially delete rules for VMs other than intended BUG-ID: CLOUDSTACK-309 Bugfix-for: master Reviewed-by: Reported-by: Francois Scala Signed-off-by: John Kinsella <jlk@stratosec.co> 1363222521 -0700
2025-10-26 08:42:29 +01:00 · 2013-03-13 17:54:50 -07:00 · 2013-03-13 17:54:50 -07:00 · 1079d63b6f
commit 1079d63b6f
parent 381f737e64
1 changed files with 1 additions and 1 deletions
--- a/scripts/vm/network/security_group.py
+++ b/scripts/vm/network/security_group.py
@ -344,7 +344,7 @@ def post_default_network_rules(vm_name, vm_id, vm_ip, vm_mac, vif, brname, dhcpS
 def delete_rules_for_vm_in_bridge_firewall_chain(vmName):
    vm_name = vmName
    if vm_name.startswith('i-') or vm_name.startswith('r-'):
-        vm_name =  '-'.join(vm_name.split('-')[:-1])
+	vm_name = '-'.join(vm_name.split('-')[:-1]) + "-def"
    
    vmchain = vm_name